Nick Holland <n...@holland-consulting.net> wrote:
> Now, I suspect (nb: I am not a cryptographer or SSH coder. But I sat at
> a table with one once, and was completely in awe) the key has to be held
> in unlocked form in RAM, so perhaps a very serious breach that allowed
> the raw access of system RAM might produce it...but would also produce a
> lot of other nifty things, and by that point, your system is so
> completely compromised, not much is trustworthy anymore.
> 
> Nick.

I have actually seen step by step instructions for doing just that, but I
don't have the link around. You essentially need root permissions for
pulling that off.

Ssh-agent prevents an intruder from stealing the key material in any
useful form, but it does not prevent him from using the material that is
already kept by the agent - if he is able to send a query to your agent,
he will be able to use the keys even if he does not get to see them.

I encrypt my key materials even when I am using PFDE; I just don't think
the agent is something it is not.

-- 
OpenPGP Key Fingerprint:
BB5A C2A2 2CAD ACB7 D50D  C081 1DB9 6FC4 5AB7 92FA
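
The reply's point that anyone able to send a query to the agent can use its keys can be checked locally by auditing who can reach the agent's socket. This is an added example, not part of the original message; the function name `agent_socket_findings` is hypothetical, and it assumes the agent listens on the UNIX-domain socket named by `SSH_AUTH_SOCK`.

```python
import os
import stat
import sys


def agent_socket_findings(sock_path, uid=None):
    """List reasons why accounts other than `uid` (and root) could reach the agent socket."""
    uid = os.getuid() if uid is None else uid
    findings = []
    try:
        sock = os.stat(sock_path)
        parent = os.stat(os.path.dirname(os.path.abspath(sock_path)))
    except OSError as exc:
        return [f"cannot stat socket or its directory: {exc.strerror}"]

    if not stat.S_ISSOCK(sock.st_mode):
        findings.append("path is not a UNIX-domain socket")
    if sock.st_uid != uid:
        findings.append(f"socket is owned by uid {sock.st_uid}, not {uid}")
    # Where socket modes are enforced, connect() needs write permission on the socket.
    if sock.st_mode & 0o022:
        findings.append("socket is writable by group or other")
    # The directory is the second barrier: search permission is needed to reach the socket.
    if parent.st_uid != uid:
        findings.append(f"directory is owned by uid {parent.st_uid}, not {uid}")
    if parent.st_mode & 0o011:
        findings.append("directory is searchable by group or other")
    return findings


if __name__ == "__main__":
    path = os.environ.get("SSH_AUTH_SOCK")
    if not path:
        sys.exit("SSH_AUTH_SOCK is not set: no agent reachable from this session")
    problems = agent_socket_findings(path)
    for p in problems:
        print("WARN:", p)
    # root bypasses these permissions, so a clean result still leaves root able to query the agent.
    print("ok" if not problems else f"{len(problems)} finding(s)")
    sys.exit(1 if problems else 0)
```

An empty result means only the owning account and root can talk to the agent; it says nothing about processes already running as that account.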
